Re: 127.0.0.0/8 addresses from the network

To: debian-security@lists.debian.org
Subject: Re: 127.0.0.0/8 addresses from the network
From: Jim Breton <jamesb-debian@alongtheway.com>
Date: Fri, 9 Mar 2001 20:49:54 +0000
Message-id: <[🔎] 20010309204954.24241.qmail@alongtheway.com>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20010309084740.H28342@llama.nslug.ns.ca>; from peter@llama.nslug.ns.ca on Fri, Mar 09, 2001 at 08:47:41AM -0400
References: <[🔎] 20010309113023.A22505@fantomas.sk> <[🔎] 20010309084740.H28342@llama.nslug.ns.ca>

On Fri, Mar 09, 2001 at 08:47:41AM -0400, Peter Cordes wrote:
>  Yes.  It uses rp_filter (this is controlled in /proc/sys/...  Read

Also by:

/etc/ipmasq/rules/I15lospoof.def

if you have the ipmasq package installed:

# deny and log all packets trying to come in from a 127.0.0.0/8 address
# over a non-'lo' interface

[snip]

ipchains)
    $IPCHAINS -A input -j DENY -i !lo -s 127.0.0.1/255.0.0.0 -l
    ;;

Btw, to the original poster: any rules said to apply to "2.1" kernels
also apply to 2.2 kernels... not to worry.

HTH.

Reply to:

Follow-Ups:
- Re: 127.0.0.0/8 addresses from the network
  - From: Jim Breton <jamesb-debian@alongtheway.com>

References:
- 127.0.0.0/8 addresses from the network
  - From: "Matus \"fantomas\" Uhlar" <uhlar@fantomas.sk>
- Re: 127.0.0.0/8 addresses from the network
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

Prev by Date: Re: kernel patches
Next by Date: Re: kernel patches
Previous by thread: Re: 127.0.0.0/8 addresses from the network
Next by thread: Re: 127.0.0.0/8 addresses from the network
Index(es):
- Date
- Thread